Baby clothing giant Carter’s exposed trove of shoppers data

20 June 2021

The Linc system delivered shortened URLs with Carter’s purchases and shipping data without any appropriate security protections. By modifying the Linc generated URLs, it became possible to access backend JSON data revealing even more customer details, which the confirmation pages didn’t expose, like full names, phone numbers, and delivery addresses of Carter’s customers.

Read full article on HackRead

Date:

20 June 2021

Categorie(s):

NEWS

Tag(s):

Baby, IT, Leaks, News, Privacy

Offensive Awakening: The 2024 Shift from Defensive to Proactive Security5 May 2024
End-to-end encryption may be the bane of cops, but they can’t close that Pandora’s Box5 May 2024
Week in review: PoCs allow persistence on Palo Alto firewalls, Okta credential stuffing attacks5 May 2024
Navigating the Digital Age: AI’s Crucial Role in Cybersecurity Reinforcement5 May 2024
Dating apps kiss’n’tell all sorts of sensitive personal info4 May 2024